Removed preview notes

Author: memildin

articles/security-center/secure-score-security-controls.md

@@ -41,7 +41,7 @@ The enhanced Secure Score is shown as a percentage, as shown in the following sc
 
 ## Locating your Secure Score
 
-Security Center displays your score prominently: it's the first thing shown in the Overview page. If you click through to the dedicated Secure Score page, you'll see the score broken down by subscription. Click a single subscription to see the detailed list of prioritized recommendations and the potential impact that remediating them will have on the subscription’s score.
+Security Center displays your score prominently: it's the first thing shown in the Overview page. If you click through to the dedicated Secure Score page, you'll see the score broken down by subscription. Click a single subscription to see the detailed list of prioritized recommendations and the potential impact that remediating them will have on the subscription's score.
 
 ## How the Secure Score is calculated 
 
@@ -95,7 +95,7 @@ The table below lists the Security Controls in Azure Security Center. For each c
 |**Remediate vulnerabilities**|6|- Advanced data security should be enabled on your SQL servers<br>- Vulnerabilities in Azure Container Registry images should be remediated (Preview)<br>- Vulnerabilities on your SQL databases should be remediated<br>- Vulnerabilities should be remediated by a Vulnerability Assessment solution<br>- Vulnerability assessment should be enabled on your SQL managed instances<br>- Vulnerability assessment should be enabled on your SQL servers<br>- Vulnerability assessment solution should be installed on your virtual machines|
 |**Enable encryption at rest**|4|- Disk encryption should be applied on virtual machines<br>- Transparent Data Encryption on SQL databases should be enabled<br>- Automation account variables should be encrypted<br>- Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign<br>- SQL server TDE protector should be encrypted with your own key|
 |**Encrypt data in transit**|4|- API App should only be accessible over HTTPS<br>- Function App should only be accessible over HTTPS<br>- Only secure connections to your Redis Cache should be enabled<br>- Secure transfer to storage accounts should be enabled<br>- Web Application should only be accessible over HTTPS|
-|**Manage access and permissions**|4|- A maximum of 3 owners should be designated for your subscription<br>- Deprecated accounts should be removed from your subscription (Preview)<br>- Deprecated accounts with owner permissions should be removed from your subscription (Preview)<br>- External accounts with owner permissions should be removed from your subscription (Preview)<br>- External accounts with read permissions should be removed from your subscription<br>- External accounts with write permissions should be removed from your subscription (Preview)<br>- There should be more than one owner assigned to your subscription<br>- Role-Based Access Control (RBAC) should be used on Kubernetes Services (Preview)<br>- Service Fabric clusters should only use Azure Active Directory for client authentication|
+|**Manage access and permissions**|4|- A maximum of 3 owners should be designated for your subscription<br>- Deprecated accounts should be removed from your subscription<br>- Deprecated accounts with owner permissions should be removed from your subscription<br>- External accounts with owner permissions should be removed from your subscription<br>- External accounts with read permissions should be removed from your subscription<br>- External accounts with write permissions should be removed from your subscription<br>- There should be more than one owner assigned to your subscription<br>- Role-Based Access Control (RBAC) should be used on Kubernetes Services (Preview)<br>- Service Fabric clusters should only use Azure Active Directory for client authentication|
 |**Remediate security configurations**|4|- Pod Security Policies should be defined on Kubernetes Services (Preview)<br>- Vulnerabilities in container security configurations should be remediated<br>- Vulnerabilities in security configuration on your machines should be remediated<br>- Vulnerabilities in security configuration on your virtual machine scale sets should be remediated<br>- Monitoring agent should be installed on your virtual machines<br>- Monitoring agent should be installed on your machines<br>- Monitoring agent should be installed on virtual machine scale sets<br>- Monitoring agent health issues should be resolved on your machines|
 |**Restrict unauthorized network access**|4|- IP forwarding on your virtual machine should be disabled<br>- Authorized IP ranges should be defined on Kubernetes Services (Preview)<br>- (DEPRECATED) Access to App Services should be restricted (Preview)<br>- (DEPRECATED) The rules for web applications on IaaS NSGs should be hardened<br>- Virtual machines should be associated with a Network Security Group<br>- CORS should not allow every resource to access your API App<br>- CORS should not allow every resource to access your Function App<br>- CORS should not allow every resource to access your Web Application<br>- Remote debugging should be turned off for API App<br>- Remote debugging should be turned off for Function App<br>- Remote debugging should be turned off for Web Application<br>- Access should be restricted for permissive Network Security Groups with Internet-facing VMs<br>- Network Security Group Rules for Internet facing virtual machines should be hardened|
 |**Apply adaptive application control**|3|- Adaptive Application Controls should be enabled on virtual machines<br>- Monitoring agent should be installed on your virtual machines<br>- Monitoring agent should be installed on your machines<br>- Monitoring agent health issues should be resolved on your machines|
@@ -121,7 +121,7 @@ Yes, but for a while they'll be running side by side to ease the transition.
 Yes. We recommend disabling recommendations when they're inapplicable in your environment. For instructions on how to disable a specific recommendation, see [Disable security policies](https://docs.microsoft.com/azure/security-center/tutorial-security-policy#disable-security-policies).
 
 ### If a Security Control offers me zero points towards my Secure Score, should I ignore it?
-In some cases you'll see a control max score greater than zero, but the impact is zero. When the incremental score for fixing resources is negligible, it's rounded to zero. Don't ignore these recommendations as they still bring security improvements. The only exception is the “Additional Best Practice” control. Remediating these recommendations won't increase your score, but it will enhance your overall security.
+In some cases you'll see a control max score greater than zero, but the impact is zero. When the incremental score for fixing resources is negligible, it's rounded to zero. Don't ignore these recommendations as they still bring security improvements. The only exception is the "Additional Best Practice" control. Remediating these recommendations won't increase your score, but it will enhance your overall security.
 
 ## Next steps
 

articles/security-center/security-center-identity-access.md

@@ -14,17 +14,13 @@ ms.workload: na
 ms.date: 12/19/2019
 ms.author: memildin
 ---
-# Monitor identity and access (preview)
+# Monitor identity and access
 When Security Center identifies potential security vulnerabilities, it creates recommendations that guide you through the process of configuring the needed controls to harden and protect your resources.
 
 This article explains the **Identity and Access** page of the resource security section of Azure Security Center.
 
 For a full list of the recommendations you might see on this page, see [Identity and Access recommendations](recommendations-reference.md#recs-identity).
 
-> [!NOTE]
-> Monitoring identity and access is in preview and available only on the Standard tier of Security Center. See [Pricing](security-center-pricing.md) to learn more about Security Center's pricing tiers.
->
-
 Identity should be the control plane for your enterprise, and protecting identities should be your top priority. The security perimeter has evolved from a network perimeter to an identity perimeter. Security becomes less about defending your network and more about defending your data, as well as managing the security of your apps and users. Nowadays, with more data and more apps moving to the cloud, identity becomes the new perimeter.
 
 By monitoring identity activities, you can take proactive actions before an incident takes place or reactive actions to stop an attack attempt. The Identity & Access dashboard provides you with recommendations such as:
@@ -34,7 +30,7 @@ By monitoring identity activities, you can take proactive actions before an inci
 - Remove privileged external accounts from your subscription
 
 > [!NOTE]
-> If your subscription has more than 600 accounts, Security Center is unable to run the Identity recommendations against your subscription. Recommendations that are not run are listed under “unavailable assessments” below.
+> If your subscription has more than 600 accounts, Security Center is unable to run the Identity recommendations against your subscription. Recommendations that are not run are listed under "unavailable assessments" below.
 Security Center is unable to run the Identity recommendations against a Cloud Solution Provider (CSP) partner's admin agents.
 >